The security administrator of a large enterprise is tasked with installing and configuring a solution
that will allow the company to inspect HTTPS traffic for signs of hidden malware and to detect data
exfiltration over encrypted channels. After installing a transparent proxy server, the administrator is
ready to configure the HTTPS traffic inspection engine and related network equipment. Which of
the following should the security administrator implement as part of the network and proxy design
to ensure the browser will not display any certificate errors when browsing HTTPS sites? (Select
THREE).
A.
Install a self-signed Root CA certificate on the proxy server.
B.
The proxy configuration of all users’ browsers must point to the proxy IP.
C.
TCP port 443 requests must be redirected to TCP port 80 on the web server.
D.
All users’ personal certificates’ public key must be installed on the proxy.
E.
Implement policy-based routing on a router between the hosts and the Internet.
F.
The proxy certificate must be installed on all users’ browsers.